wok-6.x view asleap/description.txt @ rev 22753
updated fcgi and fcgi-dev (2.4.0 -> 2.4.2)
author | Hans-G?nter Theisgen |
---|---|
date | Fri Jan 24 14:26:17 2020 +0100 (2020-01-24) |
parents | |
children |
line source
1 This tool is released as a proof-of-concept to demonstrate weaknesses in
2 the LEAP and PPTP protocols.
4 LEAP is the Lightweight Extensible Authentication Protocol, intellectual
5 property of Cisco Systems, Inc. LEAP is a security mechanism available
6 only on Cisco access points to perform authentication of end-users
7 and access points. LEAP is written as a standard EAP-type, but is not
8 compliant with the 802.1X specification since the access point modifies
9 packets in transit, instead of simply passing them to a authentication
10 server (e.g. RADIUS).
12 PPTP is a Microsoft invention for deploying virual private networks (VPN).
13 PPTP uses a tunneling method to transfer PPP frames over an insecure
14 network such as a wireless LAN. RFC 2637 documents the operation and
15 functionality of the PPTP protocol.
18 BACKGROUND
20 LEAP utilizes a modified MS-CHAPv2 challenge/response in order to
21 authenticate users on a wireless network. The MS-CHAPv2 authentication
22 method has been clearly identified as a weak method of authentication
23 for several reasons.
25 Asleap README:
26 http://www.willhackforsushi.com/code/asleap/2.2/README